<?php
include "../header.inc";
require_once("../DataBase.inc");

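// Staff create/edit request handling for the form rendered below.
//
// - ?username=<name> together with a POST body updates that staff record and
//   reconciles its roles against the submitted checkboxes.
// - ?username=<name> on its own loads the record so the form can be pre-filled.
// - A POST without ?username creates a new staff member and redirects to it.
//
// NOTE(review): nothing in this block checks that the caller may manage staff,
// and the POST handlers carry no anti-CSRF token. Presumably ../header.inc
// enforces authentication/authorisation -- confirm, since this code grants
// roles such as "application_access".
// NOTE(review): request values are passed to DataBase::* without validation;
// that is only safe if DataBase binds or escapes values -- verify in
// ../DataBase.inc.

$departments = DataBase::select("department");
$staff = null;
$roles = array();

// Role name => array(dependent table, username column) to purge when the role
// is revoked, or null when the role has no dependent rows.
$staff_role_cleanup = array(
	"supervisor" => array("supervisor", "supervisor_username"),
	"interviewer" => array("interviewer", "interviewer_username"),
	"observer" => array("interview_observer", "observer_username"),
	"application_access" => null,
);

if (isset($_GET["username"])) {
	$edit_username = $_GET["username"];

	if (isset($_POST["first_name"])) {
		DataBase::update("staff",array("username"=>$edit_username),array("first_name"=>$_POST["first_name"],"last_name"=>$_POST["last_name"],"department_id"=>$_POST["department_id"]));

		// Roles currently stored for this user, used to decide insert vs. delete.
		foreach (DataBase::select("staff_roles",null,array("username"=>$edit_username)) as $role)
			$roles[] = $role["role"];

		foreach ($staff_role_cleanup as $role_name => $dependent) {
			if (isset($_POST[$role_name])) {
				// Checkbox ticked: grant the role only if it is not already held.
				if (!in_array($role_name, $roles, true)) {
					DataBase::insert("staff_roles",array("username"=>$edit_username,"role"=>$role_name));
				}
			} else if (in_array($role_name, $roles, true)) {
				// Checkbox cleared: revoke the role and drop its dependent rows.
				DataBase::delete("staff_roles",array("username"=>$edit_username,"role"=>$role_name));
				if ($dependent !== null)
					DataBase::delete($dependent[0],array($dependent[1]=>$edit_username));
			}
		}

		// Reset so the reload below reflects what is now stored.
		$roles = array();
	}

	$res = DataBase::select("staff",null,array("username"=>$edit_username));
	if ($res <> false && count($res)>0) {
		$staff = $res[0];
		foreach (DataBase::select("staff_roles",null,array("username"=>$edit_username)) as $role)
			$roles[] = $role["role"];
	}
} else if (isset($_POST["first_name"])) {
	// The username is derived from the lower-cased first name; a numeric suffix
	// (2, 3, ...) is appended while the candidate is already taken.
	$username = strtolower($_POST["first_name"]);
	if ($username<>"") {
		$res = DataBase::select("staff",null,array("username"=>$username));
		if ($res <> false && count($res)>0)
			// NOTE(review): if every candidate up to <first_name>9999 is taken the
			// loop ends without a free name and the insert below reuses the last one.
			for ($i = 2; $i < 10000; $i++) {
				$username = strtolower($_POST["first_name"]).$i;
				$res = DataBase::select("staff",null,array("username"=>$username));
				if ($res === false || count($res)==0) break;
			}

		// SECURITY(review): md5() is a fast, unsalted digest and is not suitable
		// for password storage. It is left in place because the code that verifies
		// logins (not visible here) has to change in the same step: store
		// password_hash($pw, PASSWORD_DEFAULT), check with password_verify(), and
		// rehash existing accounts at their next successful login.
		// NOTE(review): an empty or missing password is accepted as-is.
		DataBase::insert("staff", array("username"=>$username,"first_name"=>$_POST["first_name"],"last_name"=>$_POST["last_name"],"password"=>md5($_POST["password"]),"department_id"=>$_POST["department_id"]));

		foreach (array_keys($staff_role_cleanup) as $role_name)
			if (isset($_POST[$role_name])) DataBase::insert("staff_roles",array("username"=>$username,"role"=>$role_name));

		// $username comes from the submitted first name, so it must not be pasted
		// raw into a script block: percent-encode it for the query string and emit
		// it as a JSON string literal with HTML-significant characters hex-escaped.
		$redirect = "?username=".rawurlencode($username);
		echo "<script type='text/javascript'>location.href=".json_encode($redirect, JSON_HEX_TAG | JSON_HEX_AMP | JSON_HEX_APOS | JSON_HEX_QUOT).";</script>";
	}
}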

?>
<br/>
<a href='list.php'>Go back to the staff list</a><br/>
<br/>
<form method='post'>
<table cellspacing=0 cellpadding=2>
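<?php /* Stored staff fields are HTML-escaped with ENT_QUOTES because they are written inside single-quoted attribute values; unescaped, a quote in a stored name would break out of the attribute. */ ?>
<tr><td>First Name</td><td>
<input name='first_name' type='text' size=30 maxlength=30 value='<?php if ($staff<>null) echo htmlspecialchars((string)$staff["first_name"], ENT_QUOTES); ?>'/>
</td></tr>
<tr><td>Last Name</td><td>
<input name='last_name' type='text' size=30 maxlength=30 value='<?php if ($staff<>null) echo htmlspecialchars((string)$staff["last_name"], ENT_QUOTES); ?>'/>
</td></tr>
<?php if ($staff<>null){ /* editing: show the username read-only (the update handler keys on ?username, not on this field) */ ?>
<tr><td>Username</td><td>
<input name='username' type='text' size=30 maxlength=50 value='<?php echo htmlspecialchars((string)$staff["username"], ENT_QUOTES); ?>' readonly='readonly'/>
</td></tr>
<?php } else { /* creating: ask for the initial password instead */ ?>
<tr><td>Password</td><td>
<input name='password' type='password' size=30 maxlength=30/>
</td></tr>
<?php }?>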
<tr><td>Department</td><td>
<select name='department_id'>
<?php
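// Emit one <option> per department and pre-select the staff member's current
// department when editing. Department ids and names come from the database, so
// both are HTML-escaped (ENT_QUOTES, as the value sits in a single-quoted
// attribute) before being written into the markup.
foreach ($departments as $d) {
	echo "<option value='".htmlspecialchars((string)$d["department_id"], ENT_QUOTES)."'";
	if ($staff <> null && $staff["department_id"] == $d["department_id"]) echo " selected='selected'";
	echo ">".htmlspecialchars((string)$d["department_name"], ENT_QUOTES)."</option>";
}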
?>
</select>
</td></tr>
<?php /* Role checkboxes: a box is pre-ticked when the role is present in $roles. The handler at the top of this file only tests whether each checkbox name is present in $_POST. */ ?>
<tr><td valign='top'>Roles</td><td>
<input name='supervisor' type='checkbox' <?php echo in_array("supervisor",$roles) ? "checked='checked'" : ""; ?>/> Supervisor<br/>
<input name='interviewer' type='checkbox' <?php echo in_array("interviewer",$roles) ? "checked='checked'" : ""; ?>/> Interviewer<br/>
<input name='observer' type='checkbox' <?php echo in_array("observer",$roles) ? "checked='checked'" : ""; ?>/> Observer<br/>
<input name='application_access' type='checkbox' <?php echo in_array("application_access",$roles) ? "checked='checked'" : ""; ?>/> Application access<br/>
</td></tr>
<tr><td colspan=2 align='center'>
<button type='submit'><?php echo ($staff<>null) ? "Save changes" : "Create staff"; ?></button>
</td></tr>
</table>
</form>
<?php
include "../footer.inc";
?>
